Ubuntu
openssh package

Merge lp:~smoser/ubuntu/natty/openssh/lp-686607 into lp:ubuntu/natty/openssh

  1. Natty (11.04)
  2. lp-686607
  3. Merge into natty
Proposed by Scott Moser
Status: Merged
Merged at revision: 3220
Proposed branch: lp:~smoser/ubuntu/natty/openssh/lp-686607
Merge into: lp:ubuntu/natty/openssh
Diff against target: 75 lines (+36/-1)
4 files modified
debian/changelog (+6/-0)
debian/patches/mention-ssh-keygen-on-keychange.patch (+25/-0)
debian/patches/series (+1/-0)
sshconnect.c (+4/-1)
To merge this branch: bzr merge lp:~smoser/ubuntu/natty/openssh/lp-686607
Reviewer Review Type Date Requested Status
Ubuntu branches Pending
Review via email: mp+43226@code.launchpad.net
To post a comment you must log in.
Revision history for this message
Colin Watson (cjwatson) wrote :

The patch looks OK, but could you please forward it upstream
(https://bugzilla.mindrot.org/)? I'm trying to reduce the number of
distribution-specific patches to OpenSSH we carry, on the whole.

Revision history for this message
Scott Moser (smoser) wrote :

On Thu, 9 Dec 2010, Colin Watson wrote:

> The patch looks OK, but could you please forward it upstream
> (https://bugzilla.mindrot.org/)? I'm trying to reduce the number of
> distribution-specific patches to OpenSSH we carry, on the whole.

I did just send a mail to "openssh-unix-dev mailing list", and replied to
the "confirm message" mail, but it hasn't shown up at [1].

I didn't know about bugzilla.mindrot.

I've just opened https://bugzilla.mindrot.org/show_bug.cgi?id=1843

--
[1] http://lists.mindrot.org/pipermail/openssh-unix-dev/2010-December/thread.html

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'debian/changelog'
2--- debian/changelog 2010-10-26 14:43:04 +0000
3+++ debian/changelog 2010-12-09 15:05:33 +0000
4@@ -1,3 +1,9 @@
5+openssh (1:5.6p1-2ubuntu2~sm0) UNRELEASED; urgency=low
6+
7+ * add mention of ssh-keygen in ssh connect warning (LP: #686607)
8+
9+ -- Scott Moser <smoser@ubuntu.com> Tue, 07 Dec 2010 10:34:30 -0500
10+
11 openssh (1:5.6p1-2ubuntu1) natty; urgency=low
12
13 * Resynchronise with Debian. Remaining changes:
14
15=== added file 'debian/patches/mention-ssh-keygen-on-keychange.patch'
16--- debian/patches/mention-ssh-keygen-on-keychange.patch 1970-01-01 00:00:00 +0000
17+++ debian/patches/mention-ssh-keygen-on-keychange.patch 2010-12-09 15:05:33 +0000
18@@ -0,0 +1,25 @@
19+Description: Mention ssh-keygen in ssh fingerprint changed warning
20+Author: Scott Moser <smoser@ubuntu.com>
21+Forwarded: no
22+Last-Update: 2010-12-07
23+--- a/sshconnect.c
24++++ b/sshconnect.c
25+@@ -908,14 +908,17 @@
26+ error("%s. This could either mean that", key_msg);
27+ error("DNS SPOOFING is happening or the IP address for the host");
28+ error("and its host key have changed at the same time.");
29+- if (ip_status != HOST_NEW)
30++ if (ip_status != HOST_NEW) {
31+ error("Offending key for IP in %s:%d", ip_file, ip_line);
32++ error(" remove with: ssh-keygen -f \"%s\" -R %d", ip_file, ip_line);
33++ }
34+ }
35+ /* The host key has changed. */
36+ warn_changed_key(host_key);
37+ error("Add correct host key in %.100s to get rid of this message.",
38+ user_hostfile);
39+ error("Offending key in %s:%d", host_file, host_line);
40++ error(" remove with: ssh-keygen -f \"%s\" -R %d", host_file, host_line);
41+
42+ /*
43+ * If strict host key checking is in use, the user will have
44
45=== modified file 'debian/patches/series'
46--- debian/patches/series 2010-10-26 14:41:11 +0000
47+++ debian/patches/series 2010-12-09 15:05:33 +0000
48@@ -46,3 +46,4 @@
49 # Ubuntu additions
50 consolekit.patch
51 doc-upstart.patch
52+mention-ssh-keygen-on-keychange.patch
53
54=== modified file 'sshconnect.c'
55--- sshconnect.c 2010-08-23 22:52:36 +0000
56+++ sshconnect.c 2010-12-09 15:05:33 +0000
57@@ -908,14 +908,17 @@
58 error("%s. This could either mean that", key_msg);
59 error("DNS SPOOFING is happening or the IP address for the host");
60 error("and its host key have changed at the same time.");
61- if (ip_status != HOST_NEW)
62+ if (ip_status != HOST_NEW) {
63 error("Offending key for IP in %s:%d", ip_file, ip_line);
64+ error(" remove with: ssh-keygen -f \"%s\" -R %s", ip_file, ip);
65+ }
66 }
67 /* The host key has changed. */
68 warn_changed_key(host_key);
69 error("Add correct host key in %.100s to get rid of this message.",
70 user_hostfile);
71 error("Offending key in %s:%d", host_file, host_line);
72+ error(" remove with: ssh-keygen -f \"%s\" -R %s", host_file, host);
73
74 /*
75 * If strict host key checking is in use, the user will have

Subscribers

People subscribed via source and target branches

to all changes: